Your email posture as JSON, on demand. ToolTrusted has a read-only REST API so developers and platform teams can pull the same deterministic intelligence the dashboard shows — domains, dashboards, incidents, trends, analytics, recommendations and benchmarks — straight into their own systems.
Who it’s for
Developers and platform teams who want email-infrastructure intelligence wired into their stack — a status dashboard, an internal tool, a scheduled job, a CI check. The API returns the exact read-models behind the product, so there’s no second source of truth to reconcile. Pair it with Automation (webhooks & Slack) to both pull posture and be pushed changes.
Authentication
Each request is authenticated with a per-workspace API key, sent in a header — never a query string. Keys are generated in your Workspace and shown once; you can hold several named keys for different integrations and revoke any of them. Organization owners get org-scoped keys that read the whole portfolio.
# Send your key as a Bearer token (or the X-TT-Api-Key header) curl https://tooltrusted.com/wp-json/tooltrusted/v1/api/dashboard \ -H "Authorization: Bearer ttk_<workspace>_<secret>" # Every response uses a stable envelope { "ok": true, "data": { ... }, "meta": { "generated_at": "..." } }
Endpoints
| Endpoint | Returns |
|---|---|
GET /api/domains | Your domains and their latest score/grade. |
GET /api/dashboard | Your workspace verdict, counts and priority list. |
GET /api/incidents | Open and recent incidents across your domains. |
GET /api/domains/<id>/timeline | The event story for one domain. |
GET /api/domains/<id>/trends | Signal trends over the window. |
GET /api/domains/<id>/analytics | MTTR, recurring/flapping, reliability verdict. |
GET /api/domains/<id>/incidents | Incident lifecycles for one domain. |
GET /api/domains/<id>/recommendations | Impact-ranked fixes for one domain. |
GET /api/domains/<id>/benchmark | How the domain compares to the population. |
GET /api/domains/<id>/snapshot | The latest measured posture. |
GET /api/org/dashboard, /api/org/workspaces | Portfolio rollup (owner key). |
GET /api/public-status/<id>/<sig> | Public, PII-free status — no key required. |
schema_version. Requests are rate-limited, errors use a consistent { ok: false, error: { code, message } } shape, and the public-status endpoint returns only public-safe data (no emails, no internal ids).Free or Premium
Premium
The authenticated API is part of Premium (the public-status endpoint is a signed, PII-free share link). It’s independent and deterministic — measured signals only, no fabricated fields, and no claim to measure inbox placement. See pricing →